MODELING ACCESS CONTROL AND USER ACTIONS USING TRUST - BASED ACCESS CONTROL POLICIES
MODELING ACCESS CONTROL AND USER ACTIONS USING TRUST - BASED ACCESS CONTROL POLICIES

Summary/Abstract: This paper is a natural continuation of previous research on the implementation of confidentiality in small, medium, and virtual enterprises. This research began in 2009, with the work "Xml Based Techniques for Data Privacy in E-Business" which revealed that for small, medium, and virtual enterprises that often represent start-ups, trust is a basic element. Thus, in 2010, we published the paper "Control access to information by applying policies based on trust hierarchies". Present work shows a method of modeling the hierarchies of trust in computer systems. After a review of previous research and the presentation of the necessary conditions for accessing and applying actions on an object, published in "Data security management applying trust policies for small organizations, ad hoc organizations and virtual organizations" in 2012, this paper presents the four necessary steps, from the analysis of the manual system necessary to be automated to the determination of the access policies of the users. • Stage 1 - analysis of the existing situation - refers to the identification of actors, and actions that apply to an object. • Stage 2 - creating the computer system and optimizing the flow - presents the new, optimized system that will be implemented. • Stage 3 - dealing with exceptions - separation of duty - presents various situations that may arise during the operation of the computer system and how they should be treated. • Stage 4 - creation of the hierarchy of actions attached to the document, a model of the hierarchy of actions is presented, which will be attached to the document and can lead to the creation of access policies.

• Details
• Contents